Date: Wed, 27 Mar 2013 20:15:56 +0100
From: Bernhard Fröhlich <decke@FreeBSD.org>
To: grarpamp <grarpamp@gmail.com>
Cc: freebsd-ports@freebsd.org
Subject: Re: Status of packages
Message-ID: <CAE-m3X29GhObconj0V7wxhzjh0n5jHUtqnBvd8t0euKvSOn_Hg@mail.gmail.com>
In-Reply-To: <CAD2Ti29S8i%2BGSFFV7O8JSKsk3StkfHWK0nE_JE4CgFWuOpFxaw@mail.gmail.com>
References: <CAD2Ti29CQ5uchftP63niDB8ORLW7CCh%2B1qBco=P44=wtXhP7iA@mail.gmail.com>
 <20130326082325.GW2198@droso.net>
 <CAD2Ti2-3eTQ0wc-V8NLgkVANGcdigRjL5m9h_2eGFw4G=NQK5w@mail.gmail.com>
 <CAE-m3X1sPLUywnNnvbm50i=t0L7LGVK5woN8OexqUA0PMuEh5Q@mail.gmail.com>
 <CAD2Ti29S8i%2BGSFFV7O8JSKsk3StkfHWK0nE_JE4CgFWuOpFxaw@mail.gmail.com>

On Wed, Mar 27, 2013 at 5:37 PM, grarpamp <grarpamp@gmail.com> wrote:
>>> It's nice to see something like redports. It can be helpful to those using
>>> ports to diagnose their local builds against the output of a formal sandbox
>>> service for the project. It would be cool if the logs, build hiers and packages
>>> from such a buildbot were accessible. They'd obviously always be in flux but
>>> still useful to see.
>
>> Redports is very bad for providing packages because of all the frequent
>> changes and the "chaotic nature" of such a system. Additionally the security
>> considerations made clear that redports should never provide any binary data
>> to users to minimize risk in case of a potential security incident.
>
> 'formal/project/service' and 'flux' were attempts at covering this. Another
> partial example might be pointyhat, the logs are viewable, but not the
> output file trees.
> The 'security' aspect would just seem whether the builds come
> from the main repo and are built in a pretty automated sandbox, or
> from joe's working tree in their own slush account.

No. The security concerns are that some "attacker" could infect
binaries and add dangerous code if he manages to break out of a jail
or place malicious code in some packages that are used as
dependencies. Due to the nature of redports many jobs by a lot of
people are built in parallel and ports depend on each other so you
cannot trust the machine anymore and the only way to proceed would be
by wiping the box and restarting from scratch.

Since the packages are not shared across multiple machines nor made
available to users the risk is that the machine has to be wiped but it
could never infect any user.

In addition to that redports does a lot to make sure that user
modified packages are not reused and environments are cleaned after
each build but nobody says it's impossible.

--
Bernhard Froehlich
http://www.bluelife.at/